package com.cn.tous.auth.security;

import lombok.EqualsAndHashCode;
import lombok.Getter;
import org.jetbrains.annotations.Nullable;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
import org.springframework.util.Assert;

import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Set;

/**
 * @author mengwei
 * @description 密码模式认证令牌
 * @createDate 2025/7/29 10:49
 */
@Getter
@EqualsAndHashCode(callSuper = false)
public class OAuth2PasswordGrantAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
    private final String username;
    private final String password;
    private final Set<String> scopes;


    public OAuth2PasswordGrantAuthenticationToken(
            Authentication clientPrincipal,
            @Nullable Set<String> scopes,
            String username,
            String password) {
        super(new AuthorizationGrantType("password"), clientPrincipal, new HashMap<>());
        Assert.hasText(username, "username cannot be empty");
        Assert.hasText(password, "password cannot be empty");
        this.username = username;
        this.password = password;
        this.scopes = Collections.unmodifiableSet(
                scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
    }

}
